Shirkdog

Are there any issues with your oinkcode or did you put it into your pulledpork.conf? Can you login to www.snort.org and download the signatures by hand? If so, make sure...

Will need to look at this with 0.7.3 released, as there have been issues with various proxy setups, and the addition of some configuration options must be ironed out to...

Work it up as a pull request and send it over, I will take a look and merge it in. Going forward, the current "release" will be stable, but anything...

I received it, and will take a look and review.

I have this patch and will have to take a look at this in the next release. [policy-enable-disable.patch.gz](https://github.com/shirkdog/pulledpork/files/1536493/policy-enable-disable.patch.gz)

For the first three, you should remove "1:" so your line in your modifysid.conf looks like this: ```20212 "^\s*drop" "alert"``` pulledpork assumes a list of "SIDs". I also assume you...

what user is running pulledpork (maybe perms, but probably not an issue)? you have modifysid.conf in your pulledpork.conf from before, but you are using dropsid.conf to set everything to drop,...

A look at the latest 3.x tarball, and I do see that there are now precompiled shared object rules being distributed. I am not sure the dumping of the stub...

I have created a new repo for snort3 called "pulledpork3". There is some initial code that has been written by someone in the community that will be a good starting...

In the case you referenced, I would assume this is not intended behavior, because the engine is Suricata and not Snort, but still seems like worth investigating even for Suricata....